package com.lxy.cxcyxmmsbackend.sys.interceptor;

import com.lxy.cxcyxmmsbackend.sys.entity.QxglRole;
import com.lxy.cxcyxmmsbackend.sys.exceptionHandle.exce.LoginException;
import com.lxy.cxcyxmmsbackend.sys.exceptionHandle.exce.PermissionException;
import com.lxy.cxcyxmmsbackend.sys.mapper.QxglDzMapper;
import com.lxy.cxcyxmmsbackend.sys.mapper.QxglRoleMapper;
import com.lxy.cxcyxmmsbackend.sys.utils.JwtUtil;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.web.servlet.HandlerInterceptor;
import org.springframework.web.servlet.ModelAndView;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.util.List;

public class PermissionInterceptor implements HandlerInterceptor {
    @Autowired
    QxglDzMapper qxglDzMapper;
    @Autowired
    QxglRoleMapper qxglRoleMapper;

    @Override
    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
        String requestURL = String.valueOf(request.getRequestURL());
        String token = request.getHeader("token");

        //放行预检请求
        String method = request.getMethod();
        if (method.equals("OPTIONS")) {
            response.setStatus(HttpServletResponse.SC_OK);
        }

        //检验token
        if (token != null && !token.isEmpty()) {
            boolean verify = JwtUtil.verifyToken(token);
            if (verify) {
                return true;
//                String user_id = JwtUtil.getUserName(token);
//                //查询该用户拥有的动作api
//                QxglRole role = qxglRoleMapper.selectRoleByUser_id(user_id);
//                List<String> apis = null;
//                if ("R2001".equals(role.getRoleBh())) {
//                    apis = qxglDzMapper.selectAllApi();
//                    return true;
//                } else {
//                    apis = qxglDzMapper.selectApiByUid(user_id);
//                    apis.add("insertUser");
//                }
//                //判断url中是否包含以上的api
//                boolean flag = false;
//                for (String api : apis) {
//                    flag = requestURL.contains(api);
//                    if (flag) {
//                        break;
//                    }
//                }
//                if (!flag) {
//                    throw new PermissionException("权限不足，请联系管理员添加权限！！");
//                } else {
//                    return true;
//                }
            } else {
                throw new LoginException("token校验失败，请重新登录");
            }
        } else {
            throw new LoginException("无token，请重新登录");
        }
    }


    @Override
    public void postHandle(HttpServletRequest request, HttpServletResponse response, Object handler, ModelAndView modelAndView) throws Exception {

    }

    @Override
    public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object handler, Exception ex) throws Exception {

    }
}
